124 matches found
SUSE CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...
SUSE CVE-2020-11039
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled nearly arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0...
SUSE CVE-2021-20307
Format string vulnerability in panoFileOutputNamesCreate in libpano13 2.9.20rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values...
Lenovo Diagnostics Driver IOCTL memmove
Incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory read/write. Module Options msf use exploit/windows/local/cve20223699lenovodiagnosticsdriver msf...
Lenovo Diagnostics Driver Memory Access Exploit
This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory reads and writes. This module requires Metasploit: https://metasploit.com/download...
UBUNTU-CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...
CVE-2023-22357
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the...
CVE-2022-42278
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering...
CVE-2021-3839
A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...
USN-5463-2 ntfs-3g vulnerabilities
USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to...
Adobe Illustrator 缓冲区错误漏洞
Adobe Illustrator is a suite of vector-based image creation software from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Illustrator. The vulnerability originates when a networked system or product performs an operation in memory without properly validating data...
Adobe Illustrator 缓冲区错误漏洞
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a buffer overflow vulnerability that originates when a networked system or product performs an operation in memory without properly validating data boundaries...
CVE-2021-46814
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability...
CVE-2021-46814
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability...
USN-5463-1 ntfs-3g vulnerabilities
It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...
ALPINE-CVE-2022-30785
A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
AZL-9848 CVE-2022-30785 affecting package ntfs-3g for versions less than 2022.5.17-1
A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
DEBIAN-CVE-2022-30785
A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
CVE-2021-3839
A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. Mitigation Mitigation for this issu...
3S-Smart Software Solutions CODESYS Control 安全漏洞
3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control that allows any system user to read and...